ESMI Multiple Storefront products1.php id2 Parameter SQL Injection

2005-03-25T23:32:24
ID OSVDB:15058
Type osvdb
Reporter Diabolic Crab(dcrab@hackerscenter.com)
Modified 2005-03-25T23:32:24

Description

Vulnerability Description

ESMI PayPal Storefront contains a flaw that will allow an attacker to inject arbitrary SQL code. The problem is that the 'id2' variable in the products1.php script is not verified properly and will allow an attacker to inject or manipulate SQL queries.

Solution Description

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

Short Description

ESMI PayPal Storefront contains a flaw that will allow an attacker to inject arbitrary SQL code. The problem is that the 'id2' variable in the products1.php script is not verified properly and will allow an attacker to inject or manipulate SQL queries.

Manual Testing Notes

http://[victim]/hv/ecdis/products1.php?id=6&id2='SQLINJECTION&subcat=Asus&p=pro ducts1

References:

Vendor URL: http://www.esmistudio.com/ Security Tracker: 1013563 Secunia Advisory ID:14711 Related OSVDB ID: 15057 Related OSVDB ID: 15059 Other Advisory URL: http://www.hackerscenter.com/Archive/view.asp?id=1774